Jul 22

If you’re one of thousands of Simpsons fans who added ChunkyLover53 as an AOL Instant Messenger buddy, your computer may be at risk from a Turkish botnet.

Homer Simpson

This story starts in 2002 in a Simpsons episode called "The Dad Who Knew Too Little."  As Homer was accessing his email, his address was revealed on screen as chunkylover53@aol.com.  Naturally, thousands of fans attempted to contact the yellow fellow via his AOL email address.  Matt Selmon, a Simpsons writer, had thought ahead and registered the email address in the real world.  He answered as many of the messages as he could, delighting fans who received responses from "Homer."

Many fans also added ChunkyLover53 to their AIM friends list.  No doubt they were disappointed when Homer never signed on, but they likely forgot about it as time went on.

Now six years later, ChunkyLover53 has become active again, sending a message to all his AIM friends.  If you view this message, you’ll see a link to a new web episode of The Simpsons.  If you foolishly click that link, you get an error message.  You also get infected with a Turkish botnet that uses your PC to steal your sensitive data and conduct spam attacks on other PCs.

Turns out the ChunkyLover53 account was hijacked by some very bad people.  This nasty attack, first reported by FaceTime Security Labs, employs a solid rootkit, so the only way to remove the infection is to reinstall your PC operating system from scratch.  As Homer would say, "D’oh!"

Article published on July 22, 2008




Leave a Reply